Jump to content

Metasploit


starter93
 Share

Recommended Posts

Hi guys.

I got a problem with Metasploit console exploits/ and payloads.

I'm testing Metasploit for my school study.

Well.

The problem is, when I'm trying for example to vncinject a "victim" by the IP-adresse.

I get the following:

Handler failed to bind to 00.00.00.00:4444

[*] Started reverse handler on 00.00.00.00:4444

[-] Exploit exception: The connection timed out (00.00.00.00:4444).

[*] Exploit completed, but no session was created.

Whats wrong ?

Thanks :)

Link to comment
Share on other sites

Were you able to successfully exploit the system in question? Because from the looks of it, you have no existing meterpreter session to interact with.

Read up on http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training

Link to comment
Share on other sites

Hi guys.

I got a problem with Metasploit console exploits/ and payloads.

I'm testing Metasploit for my school study.

Well.

The problem is, when I'm trying for example to vncinject a "victim" by the IP-adresse.

I get the following:

Handler failed to bind to 00.00.00.00:4444

[*] Started reverse handler on 00.00.00.00:4444

[-] Exploit exception: The connection timed out (00.00.00.00:4444).

[*] Exploit completed, but no session was created.

Whats wrong ?

Thanks :)

Something is already using port 4444

netstat -antp | grep 4444

Link to comment
Share on other sites

I've ran into that problem as well, it never worked for me. I searched other forums for help and it was suggested that my target machine was fully patched or not vulnerable at all.

What version of XP/Vista are you using?

Link to comment
Share on other sites

The bind can go two ways though. If hes trying to bind the target machine to port 4444 and its not exploited and already able to make a session, trying to connect to it will time out. If hes trying to make the target call back to him, and the bind fails, then something locally is already in use or the targets firewall blocks outgoing traffic to port 4444. When I see 0.0.0.0 though, I'm thinking he is doing it locally, but he may have to actually specify the correct IP address, instead of trying to broadcast to 0.0.0.0 if the target is on a different network.

Link to comment
Share on other sites

The ip of 0.0.0.0 means to accept any interface, from the error he has shown up there "Handler failed to bind to 0.0.0.0:4444" means something is already bound to listen on that port. I've run into this before. He has to netstat and find out what is running on that port.

Link to comment
Share on other sites

Hi guys.

I got a problem with Metasploit console exploits/ and payloads.

I'm testing Metasploit for my school study.

Well.

The problem is, when I'm trying for example to vncinject a "victim" by the IP-adresse.

I get the following:

Handler failed to bind to 00.00.00.00:4444

[*] Started reverse handler on 00.00.00.00:4444

[-] Exploit exception: The connection timed out (00.00.00.00:4444).

[*] Exploit completed, but no session was created.

Whats wrong ?

Thanks :)

Head over to your Windows Box, and bring up the command prompt and type

netstat -na

That should display a list of processes or services that are using port 4444.

If that's the case, you will need to use a different port other than 4444

That should work.

Link to comment
Share on other sites

starter93 needs to tell us his network setup, whether its two virtual machines on the same network, two physical machines on the same network, different networks/subnets, across the internet with NAT/port forwarding issues, etc. It might even be he specified the wrong IP of the machine hes trying to attack. Hes not replied to anything in this thread, so its all speculation as to the problem until we can get some more info.

Link to comment
Share on other sites

Very true, he could even be a bot. But his post looks very authentic. So lets wait and see.

Edited by Infiltrator
Link to comment
Share on other sites

Huh?

No really, if he is using the reverse handler and it cannot bind, a program is already using that port.. it's not that hard lol.

... i have xp sp2 and sp3 on my vm and on sp3 i get the same message ... on sp2 it works a charm

im guessing its been patched ... does the target machine return an error message ?

Link to comment
Share on other sites

... i have xp sp2 and sp3 on my vm and on sp3 i get the same message ... on sp2 it works a charm

im guessing its been patched ... does the target machine return an error message ?

I don't think the target machine will, only Backtrack will return an error.

For the victim the attack will appear transparent, unless they are running some tools that can detect the attack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...